- International Journal of Information Security Science
- Volume:5 Issue:2
- Customizing SSL Certificate Extensions to Reduce False-Positive Certificate Error/Warning Messages
Customizing SSL Certificate Extensions to Reduce False-Positive Certificate Error/Warning Messages
Authors : Şafak TARAZAN, Atila BOSTAN
Pages : 21-28
View : 21 | Download : 9
Publication Date : 2016-06-01
Article Type : Research Paper
Abstract :In todays Internet world, X.509 certificates are commonly used in SSL protocol to provide security for web-based services by server/client authentication and secure communication. Although SSL protocol presents a technical basis, this web-security largely depends on user awareness of security measures as well. There are significant number of scientific studies in the literature reporting that the count of invalid or self-signed certificate usage in today’s Internet can not be overlooked. At the same time, quite a number of studies place emphasis on the acquired indifference towards certificate warning messages which are popped up by web browsers when visiting web pages with invalid or self-signed certificates. In this study, with the importance of user’s daily practices in developing habits in mind, we studied a modification of X.509 certificates in order to reduce the number of false-positive certificate-warning pop ups in order to reduce gaining faulty usage habit of invalid certificates.Keywords : X509 certificates, SSL protocol, certificate extensions, invalid certificates, SSL certificates and users awareness
ORIGINAL ARTICLE URL